<?php
session_start();
require('../../include/formFunctions.php');
if(isset($_SESSION['admin_id'])) {
    include "../../include/dbFunctions.php";
    $eid =$_SESSION['eid'];
    $cid_a=$_POST['cid'];
    $name_a=htmlspecialchars($_POST['name'],ENT_QUOTES);
    $ns_a=htmlspecialchars($_POST['ns'],ENT_QUOTES);

    if((!empty($_FILES["uploaded_file"])) && ($_FILES['uploaded_file']['error'] == 0)) {
        //Check if it's size is less than 350Kb
        $filename = newname(basename($_FILES['uploaded_file']['name']));
        $ext = substr($filename, strrpos($filename, '.') + 1);
        if (($_FILES["uploaded_file"]["size"] < 1000000)) {
            //Determine the path to which we want to save this file
            $newname = dirname(__FILE__).'/../../upload/'.$filename;
            //Check if the file with the same name is already exists on the server
            ;
            if (!file_exists($newname)) {
                //Attempt to move the uploaded file to it's new place
                if ((move_uploaded_file($_FILES['uploaded_file']['tmp_name'],$newname))) {
                    $_SESSION['mes'] = "File has been uploaded.";
                    //now insert

                } else {
                    $_SESSION['mes'] = "Error in file upload. ";
                }
            } else {
                $_SESSION['mes'] = "Error in file upload.  ";
            }
        } else {
            $_SESSION['mes'] = "Error: Only file under 1MB are accepted for upload";
        }
    } else {
        $_SESSION['mes'] = "No file uploaded.";
    }
    $query = "INSERT INTO class (class_name,
                                                class_no_student,
                                                class_student_list, event_id)
                                        VALUES ('".$name_a."',
                                                '".$ns_a."',
                                                '".$filename."',$eid)";
    $result = executeQuery($query);
    $link = "../eventView.php?id=".$_SESSION['eid'];
    if ($result!=0) {
        $_SESSION['mes'].=" Class has been created successfully.";
        //update event status
            $query = "UPDATE event
            SET event_status = 'pending'
            WHERE event_id = $eid";
            $result = executeQuery($query);
         header('Location: ' . $link);
    } else {
        $_SESSION['mes'].=" Error in creating class";
         header('Location: ' . $link);
    }
}else {
    header("Location: ../include/login.html");
}
?>